IRM Weekly Cybersecurity Roundup: Medical cyber-attacks and more

Medical cyber-attacks ramp up during pandemic

Despite the news last week that some of the most notorious hackers were going to avoid medical cyber-attacks as a sign of respect, it appears many other cybercriminals have a different idea.

In the last week, multiple health organisations and hospitals have fallen victim to increased cyber-attack attempts.

According to the World Health Organisation (WHO), cyber-attacks attempts against them have doubled. One attack is thought to have been carried out by a group of hackers called “DarkHotel”, which has more than 10 years of experience in cyber espionage.

The Hammersmith Medicines Research facility has also been targeted separately. This is a UK medical facility assisting with Coronavirus vaccine tests. It has experienced a cyber-attack by the Maze ransomware group. This was one of the groups who has (since the attack) pledged not to attack organisations of this kind.

The Maze group held Hammersmith Medicines Research to ransom but they refused to pay. The Maze attackers have published some of the sensitive data online.

France and Spain have also fallen victim to cyber-attacks. A French hospital in Paris had its computer network overwhelmed but they were able to handle the attack. A Spanish hospital in Murcia was subject to a malicious email campaign aimed at getting a member of staff to open a virus-riddled email.

Government releases 2020 cybersecurity breaches survey

The UK’s Department for Digital, Culture, Media and Sport (DCMS) has just released its 2020 cybersecurity breaches survey.

The key finding hitting the headlines is – almost half of UK business suffered a cyber-attack in the last 12 months.

Charities are seemingly getting hit the hardest compared to other types of organisations. Other highlights from the report include 80% of businesses say cybersecurity is a high priority for their senior management boards. This number is up from 69% in 2018, showing a shift in attitude.

Quick-Fire Updates

Free cybersecurity training community – has just been launched by Security Innovation. The community offers free training to help beat the demand for cybersecurity professionals in the industry. Access the courses here.

Mexico economy ministry suffers cyber-attack – No sensitive information is thought to have been compromised, but it’s the second attack on the government after hackers previously demanded $5 million in bitcoin last November. Read more here.

Short-term impacts of COVID-19 realised in cybersecurity: The main outputs are expected to include more reliance on IT departments to support future remote working capabilities, with improved security to underpin this. Read more here.